1. Who operates Presko
Presko, available at presko.me, is operated by Jakub Holly in Slovakia. Jakub Holly is the controller of personal data processed through Presko.
Privacy questions and requests can be sent to jakub.holly237@gmail.com.
2. Information Presko processes
When you create and use an account, Presko stores:
- your email address, username, password hash, account-creation date, roles and permissions;
- the version and time of your acceptance of the Terms of Service and acknowledgement of this Privacy Policy;
- your private ratings, recorded prices, favourites, wishlist, places visited list, and custom wishlist entries;
- temporary password-reset token hashes and their expiry times; and
- limited administrative records created when authorised staff manage the public coffee-shop database or user roles.
Passwords are hashed and are not stored in readable form. Presko does not currently provide public user profiles or publicly attributed ratings.
3. Private ratings and public coffee-shop data
Ratings saved in your places visited list are private account data. They do not change the ratings or scores in the public coffee-shop database, regardless of your role.
Places visited is available to User and Administrator accounts. Moderator and Founder accounts manage the public catalog instead and cannot access places visited.
Only accounts with the Moderator or Founder role may separately add, edit, or delete public coffee-shop records. Administrator accounts are limited to account security and dashboard administration. Public catalog actions and important role changes may be recorded in an administrative audit log.
4. Login and browser storage
Presko uses a JavaScript-accessible authentication token for login. Standard sign-ins store the token in session storage and issue it for up to one day. If you select “Remember me,” the token is stored in local storage and issued for up to 30 days.
The token contains your account ID, email address, username, account-creation date, roles, accepted legal-document versions and session information. Presko checks the account and current roles on protected requests. Password, profile and role changes invalidate older tokens.
Presko does not currently use advertising cookies, analytics cookies, behavioural tracking, session recording, or advertising pixels. It therefore does not display a general cookie-consent banner. Session storage is also used to remember the previous page for navigation.
5. Why the data is used
Presko processes account and private collection data to:
- create, authenticate and maintain your account;
- provide favourites, wishlist and places visited features;
- process password resets and account changes;
- manage permissions and the public coffee-shop catalog;
- prevent abuse and protect the service; and
- comply with legal obligations and protect legal rights.
Account features are processed because they are necessary to provide the service you request. Security, abuse prevention and limited operational logging are based on Presko’s legitimate interest in operating a safe and reliable service. Legal obligations are processed where applicable law requires them.
6. Technical data and rate limiting
Presko temporarily uses the requesting IP address in server memory to limit repeated authentication and password-reset requests. These counters expire after the applicable 15-minute or one-hour limiting window and are not used for advertising or profiling.
Hosting and infrastructure providers may also automatically process request information such as IP addresses, timestamps, server logs and error details under their own operational retention schedules.
7. Service providers
Presko uses the following providers to operate active features:
- Render for application hosting and PostgreSQL database infrastructure. Account, private collection and technical request data may be processed there.
- Resend for transactional password-reset email. Your email address and reset link are sent to Resend when you request that feature.
Providers may process data outside Slovakia or the European Economic Area. Such processing is subject to the provider’s terms and the transfer safeguards required by applicable data-protection law.
8. Retention
- Account and private collection data remain in the active database while your account exists.
- Password-reset token hashes expire after one hour and are cleared when used, replaced, or cleaned up after expiry.
- Administrative logs are kept for no more than 90 days and are also limited to the latest 100 entries.
- In-memory rate-limit data expires after its 15-minute or one-hour window.
- Hosting, database and email providers may retain restricted logs or backups according to their own schedules.
9. Account deletion
You can permanently delete your account in Profile → Account settings. The active database deletes your user record, password hash, reset-token data, roles, private ratings, favourites, wishlist and custom wishlist entries in one transaction.
Administrative logs created by your staff activity are retained only for the limited period above, but your email and username are replaced or removed when your account is deleted. Public coffee-shop records remain because private user ratings never determine their scores.
Restricted backups may temporarily contain deleted data until they are overwritten through the provider’s ordinary backup lifecycle. If you cannot access your account, email jakub.holly237@gmail.com for deletion assistance. Presko may ask you to verify account ownership.
10. Your rights
Depending on applicable law, you may have rights to access, correct, delete, restrict or object to processing of your personal data, and to receive certain data in a portable format. You may also complain to the Office for Personal Data Protection of the Slovak Republic or another competent supervisory authority.
To exercise a right, contact jakub.holly237@gmail.com. Legal limitations may apply.
11. Children
Presko is not intended for children under 16, and users must be at least 16 to create an account. Contact Presko if you believe a child under 16 has created an account.
12. Security
Presko uses measures designed to protect personal data, including password hashing, expiring reset links, server-side permission checks, session invalidation, request limits, security headers and encrypted production connections. No online service can guarantee complete security.
13. Changes and contact
This policy may be updated when Presko changes or the law requires it. The latest version will be published here with a new effective date. Material changes may also be announced through the website or by email.
Contact: Jakub Holly, Slovakia, jakub.holly237@gmail.com.